Whitelist rule - confusion on URL filtering...

We have a whitelist rule that allows out http/https as a service and "any" as the application.

All the URL categories in the profile applied to that rule are set to "Block" and there are some URLs in the whitelist.

The destination address is set to "an

How reverse route injection can be accomplished in PaloAlto?

Hi All,

What is reverse route injection is used for in Cisco or any other devices?

How this can be accomplished in PaloAlto?

Thank you,

Gururaj

Panorama 6.0

we recently integrated a PA-500 (4.1.10) into PANO 6.0 and we've started seeing OSPF flapping. Has anyone else experienced this issue? It looks like the Management cpu will spike up to 100% when communicating to the PANO and then we lose OSPF. This P

Global Protect Portal

Is there anyone out there running client VPN and managing it through the portal on PAN-OS 6.0.1?  I keep getting the error stating that I need a portal license.  I have the same setup on another Palo on version 5.0.8 and it is running without a licen

Can Global Protect use multiple methods of Authentication?

Is it possible to setup Global Protect to use Windows AD authentication for a subset of our VPN users, and Radius for the rest?  I'm assuming this is not possible since you can only set one Authentication Profile under the GlobalProtectPortal, but if

Mcafee Application Object

Has anyone noticed the Mcafee Application Object is using the wrong ports, or do I have something wrong?

• McAfee update protocol for distribution of signature/pattern updates. tcp/3025
• Mcafee-update tcp/8801

These are all the ports Mcafee leverages (outs

Is it recommended to upgrade to PAN-OS 6.0.0?, Is it stable?

Is it recommended to upgrade to PAN-OS 6.0.0?, Is it stable?

Not able to access the URL

Can anyone please help me categorized the below URL into Malware Sites

http://203.197.123.30/clm/clmhome

Please advise.

CLI Scripting to implement missing commands

Hi,

in my opinion some commands are still missing in the PanOS CLI. I miss some features implemented in my conventional firewall to handle the policy rule  set efficiently.

Some other vendor has the possibility to use so called op-scripts in the CLI.

Best Way to use User-ID Agent.

Hey everyone,

I have been bashing my head onug how I can cleaninly use the USer-ID agent.. I wanted to stop WMI or event exclude internal vlans as I thoht it was used just for VPN. But its not its used to map source user info in the log files of the f

Dynamic Block Lists and Spamhaus

Does anyone know if the Spamhaus format drop lists (that use ";" delimiters to denote descriptive text) are accepted as PA Dynamic Block lists?

http://www.spamhaus.org/drop/drop.txt

Rgds

user agent refresh

hi!

i was wondering what is the time frame for the user agent to "discover" newly added users or security groups, in an LDAP environment?

if such a timer exists - is it configurable?

can the agent be forced to update its database?

thnx!